diff options
author | Bernhard Schmidt <berni@debian.org> | 2021-02-24 19:54:19 +0100 |
---|---|---|
committer | Bernhard Schmidt <berni@debian.org> | 2021-02-24 19:54:19 +0100 |
commit | d717dbfa8d0807202f5ad05f7db53925cf63a446 (patch) | |
tree | ff434c729e3d55979ee85983296c424e637a1124 /src/openvpn/ssl.c | |
parent | 76fee93e6fe89e5575bae2840b585d2f025b9050 (diff) | |
parent | 4ee98f284a93c3b855092d35ac21371d9dcad65b (diff) |
Update upstream source from tag 'upstream/2.5.1'
Update to upstream version '2.5.1'
with Debian dir 7ffab8b9a1f4bee8b10a736ef58cdbac4bfd4b14
Diffstat (limited to 'src/openvpn/ssl.c')
-rw-r--r-- | src/openvpn/ssl.c | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index c6ba812..d7494c2 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -434,8 +434,6 @@ ssl_set_auth_nocache(void) { passbuf.nocache = true; auth_user_pass.nocache = true; - /* wait for push-reply, because auth-token may still need the username */ - auth_user_pass.wait_for_push = true; } /* @@ -2358,14 +2356,15 @@ key_method_2_write(struct buffer *buf, struct tls_session *session) } /* if auth-nocache was specified, the auth_user_pass object reaches * a "complete" state only after having received the push-reply - * message. + * message. The push message might contain an auth-token that needs + * the username of auth_user_pass. * * For this reason, skip the purge operation here if no push-reply * message has been received yet. * * This normally happens upon first negotiation only. */ - if (!auth_user_pass.wait_for_push) + if (!session->opt->pull) { purge_user_pass(&auth_user_pass, false); } @@ -4104,8 +4103,7 @@ done: } void -delayed_auth_pass_purge(void) +ssl_clean_user_pass(void) { - auth_user_pass.wait_for_push = false; purge_user_pass(&auth_user_pass, false); } |